本博文介绍将介绍如何在rhel5/centos5的环境下安装配置iscsi服务。 测试环境: iscsi server: 192.168.0.210 server210.example.com iscsi client: 192.168.0.200 client200.example.com 两台机器的操作系统都是rhel5.4 32, 该配置方法同样适用于64位的操作系统。 一:iscsi server的具体配置步骤: 1.安装软件包 a.iscsi server需要安装的包为: [root@server210 ~]# yum list|grep -i scsi-target This system is not registered with RHN. RHN support will be disabled. scsi-target-utils.i386 0.0-5.20080917snap.el5 ClusterStorage b.检查server210是否已经安装了scsi-target软件包,如果已经安装,请忽略本步骤。 [root@server210 ~]# rpm -qa scsi-target-utils.i386 c.如果没有安装,在配置完yum后运行如下命令以完成软件包的安装.该命令会自动安装scsi-target-utils.i386和perl-Config-General.noarch两个包.所以你也可以使用rpm -ivh ****.rpm来安装。 [root@server210 ~]# yum -y install scsi-target-utils.i386 2.创建两个lv分区来做共享盘。(不一定非要用lv,如入你用硬盘,逻辑分区,还可以用dd if来创建一个镜像文件,等等都可以用来做共享盘) [root@server210 ~]# lvcreate -L 1G -n scsi1 vol0 Logical volume "scsi1" created [root@server210 ~]# lvcreate -L 1G -n scsi2 vol0 Logical volume "scsi2" created [root@server210 ~]# lvscan ACTIVE '/dev/vol0/root' [8.00 GB] inherit ACTIVE '/dev/vol0/home' [480.00 MB] inherit ACTIVE '/dev/vol0/lv.vcracker' [2.00 GB] inherit ACTIVE '/dev/vol0/lv.vserver' [3.00 GB] inherit ACTIVE '/dev/vol0/scsi1' [1.00 GB] inherit ACTIVE '/dev/vol0/scsi2' [1.00 GB] inherit 3.修改配置文件,添加如下内容,该配置的目的是:共享出两个分区vol0-scsi1和vol0-scsi2,命名为iqn.20012-05.com.example:mydisk,并且只允许192.168.0.200这台主机能够访问.如果你需要共享给某个网段可以这么写: 192.168.0.0/24,具体的配置可以根据自己的实际要求来设置,我这么写只是为了演示其功能。 <target iqn.20012-05.com.example:mydisk> # List of files to export as LUNs backing-store /dev/mapper/vol0-scsi1 backing-store /dev/mapper/vol0-scsi2 # Authentication : # if no "incominguser" is specified, it is not used #incominguser backup secretpass12 # Access control : # defaults to ALL if no "initiator-address" is specified initiator-address 192.168.0.200 192.168.0.199 </target> 4.重启服务并且添加到开机启动,确保下次重启后iscsi服务能自动启动。 [root@server210 ~]# /etc/init.d/tgtd restart Stopping SCSI target daemon: [ OK ] Starting SCSI target daemon: [ OK ] [root@server210 ~]# chkconfig tgtd on [root@server210 ~]# chkconfig --list|grep tgtd tgtd 0:off 1:off 2:on 3:on 4:on 5:on 6:off 5.如果你配置了iptables防火墙,那么你需要在添加一条规则,如下: [root@server210 ~]# iptables -A INPUT -p tcp -s 192.168.0.200 --dport 3260 -j ACCEPT [root@server210 ~]# iptables -L -nv Chain INPUT (policy ACCEPT 6522 packets, 2879K bytes) pkts bytes target prot opt in out source destination 0 0 ACCEPT tcp -- * * 192.168.0.200 0.0.0.0/0 tcp dpt:3260 Chain FORWARD (policy ACCEPT 0 packets, 0 bytes) pkts bytes target prot opt in out source destination Chain OUTPUT (policy ACCEPT 5957 packets, 814K bytes) pkts bytes target prot opt in out source destination 6.在服务器端查看共享的状态是否正常,如果能正常的现实如下信息说明已经配置ok。 [root@server210 ~]# tgt-admin -s Target 1: iqn.20012-05.com.example:mydisk System information: Driver: iscsi State: ready I_T nexus information: LUN information: LUN: 0 Type: controller SCSI ID: deadbeaf1:0 SCSI SN: beaf10 Size: 0 MB Online: Yes Removable media: No Backing store: No backing store LUN: 1 Type: disk SCSI ID: deadbeaf1:1 SCSI SN: beaf11 Size: 1074 MB Online: Yes Removable media: No Backing store: /dev/mapper/vol0-scsi1 LUN: 2 Type: disk SCSI ID: deadbeaf1:2 SCSI SN: beaf12 Size: 1074 MB Online: Yes Removable media: No Backing store: /dev/mapper/vol0-scsi2 Account information: ACL information: 192.168.0.200 [root@server210 ~]# 二:iscsi client的具体配置步骤: 1.安装iscsi client的软件包 a.iscsi server需要安装的包为: [root@client200 ~]# yum list|grep -i iscsi-initiator-utils This system is not registered with RHN. RHN support will be disabled. iscsi-initiator-utils.i386 6.2.0.871-0.10.el5 base b.查看iscsi client的安装包是否应安装,如果已经安装,请忽略本步骤。 [root@client200 ~]# rpm -qa iscsi-initiator-utils c.如果没有安装,在配置完yum后运行如下命令以完成软件包的安装. [root@client200 ~]# yum -y install iscsi-initiator-utils 2.启动服务并且添加到开机启动,确保服务在下次系统重启后能够自动启动。 [root@client200 ~]# /etc/init.d/iscsid restart Stopping iSCSI daemon: Turning off network shutdown. Starting iSCSI daemon: [ OK ] [ OK ] [root@client200 ~]# chkconfig iscsid on [root@client200 ~]# chkconfig --list|grep iscsid iscsid 0:off 1:off 2:on 3:on 4:on 5:on 6:off 3.运行下面的命令发现并且登陆到server共享的分区 [root@client200 ~]# iscsiadm -m discovery -t sendtargets -p 192.168.0.210 192.168.0.210:3260,1 iqn.20012-05.com.example:mydisk [root@client200 ~]# iscsiadm -m node -T iqn.20012-05.com.example:mydisk -p 192.168.0.210 -l Logging in to [iface: default, target: iqn.20012-05.com.example:mydisk, portal: 192.168.0.210,3260] Login to [iface: default, target: iqn.20012-05.com.example:mydisk, portal: 192.168.0.210,3260]: successful 4.查看下共享的两个分区是否已经正常挂在到了client端。 [root@client200 ~]# fdisk -l Disk /dev/sda: 21.4 GB, 21474836480 bytes 255 heads, 63 sectors/track, 2610 cylinders Units = cylinders of 16065 * 512 = 8225280 bytes Device Boot Start End Blocks Id System /dev/sda1 * 1 13 104391 83 Linux /dev/sda2 14 2308 18434587+ 8e Linux LVM /dev/sda3 2309 2373 522112+ 82 Linux swap / Solaris Disk /dev/sdb: 1073 MB, 1073741824 bytes 34 heads, 61 sectors/track, 1011 cylinders Units = cylinders of 2074 * 512 = 1061888 bytes Disk /dev/sdb doesn't contain a valid partition table Disk /dev/sdc: 1073 MB, 1073741824 bytes 34 heads, 61 sectors/track, 1011 cylinders Units = cylinders of 2074 * 512 = 1061888 bytes Disk /dev/sdc doesn't contain a valid partition table 5.然后你就可以格式化分区,就像使用自己本机的应该一样了。 [root@client200 ~]# mkfs.ext3 /dev/sdb 把共享的一个分区格式化为ext3的文件系统 mke2fs 1.39 (29-May-2006) /dev/sdb is entire device, not just one partition! Proceed anyway? (y,n) y Filesystem label= OS type: Linux Block size=4096 (log=2) Fragment size=4096 (log=2) 131072 inodes, 262144 blocks 13107 blocks (5.00%) reserved for the super user First data block=0 Maximum filesystem blocks=268435456 8 block groups 32768 blocks per group, 32768 fragments per group 16384 inodes per group Superblock backups stored on blocks: 32768, 98304, 163840, 229376 Writing inode tables: done Creating journal (8192 blocks): done Writing superblocks and filesystem accounting information: done This filesystem will be automatically checked every 20 mounts or 180 days, whichever comes first. Use tune2fs -c or -i to override. [root@client200 ~]# mkdir /mnt/myiscsi 创建一个挂载点 [root@client200 ~]# partprobe /dev/sdb [root@client200 ~]# mount /dev/sdb /mnt/myiscsi/ 挂载到/mnt/myiscsi [root@client200 ~]# df -h 查看是否正常挂在 Filesystem Size Used Avail Use% Mounted on /dev/mapper/vol0-root 7.8G 2.1G 5.3G 28% / /dev/mapper/vol0-home 465M 11M 431M 3% /home /dev/sda1 99M 12M 82M 13% /boot tmpfs 252M 0 252M 0% /dev/shm /dev/sdb 1008M 34M 924M 4% /mnt/myiscsi 6.通过/etc/fstab文件中添加如下条目来实现开机自动挂载,千万记得添加_netdev参数,否则client重启后将无法正常挂在。因为os在启动时会挂在文件系统,这个时候我们的iscsid的服务还没有启动,所以就会挂在失败,应对的方法就是在options上添加_netdev参数。 [root@client200 ~]# cat /etc/fstab /dev/vol0/root / ext3 defaults 1 1 /dev/vol0/home /home ext3 defaults 1 2 LABEL=/boot /boot ext3 defaults 1 2 tmpfs /dev/shm tmpfs defaults 0 0 devpts /dev/pts devpts gid=5,mode=620 0 0 sysfs /sys sysfs defaults 0 0 proc /proc proc defaults 0 0 LABEL=SWAP-sda3 swap swap defaults 0 0 /dev/sdb /mnt/myiscsi ext3 defaults,_netdev 0 0 7.运行如下命令,如果你想login out共享的分区。 a.卸载文件系统 [root@client200 ~]# umount /mnt/myiscsi/ b.login out共享的分区 [root@client200 ~]# iscsiadm -m node -T iqn.20012-05.com.example:mydisk -p 192.168.0.210 -u Logging out of session [sid: 1, target: iqn.20012-05.com.example:mydisk, portal: 192.168.0.210,3260] Logout of [sid: 1, target: iqn.20012-05.com.example:mydisk, portal: 192.168.0.210,3260]: successful c.查看是否已经login out. [root@client200 ~]# fdisk -l Disk /dev/sda: 21.4 GB, 21474836480 bytes 255 heads, 63 sectors/track, 2610 cylinders Units = cylinders of 16065 * 512 = 8225280 bytes Device Boot Start End Blocks Id System /dev/sda1 * 1 13 104391 83 Linux /dev/sda2 14 2308 18434587+ 8e Linux LVM /dev/sda3 2309 2373 522112+ 82 Linux swap / Solaris d.注意:如果只运行上面命令,共享的分区将会在iscsid服务重启后自动挂在,那么如何实现永久login out呢?你可以通过下面命令实现。 [root@client200 ~]# iscsiadm -m node -T iqn.20012-05.com.example:mydisk -p 192.168.0.210 -o delete 说明:本实验只做了对client IP的限制,并没有设置user/password的认证功能,如何实现这个功能呢?大家可以看下系统中的man手册,这里就不在赘述了。